Open Source Security Information Management Security Vulnerabilities and Issues — Open Source Security Information Management CVE List

Lucene search

AlienvaultOpen Source Security Information Management

4 matches found

CVE•added 2009/12/21 4:30 p.m.•41 views

CVE-2009-4373

Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, the...

7.5CVSS7.8AI score0.02379EPSS

CVE•added 2009/12/21 4:30 p.m.•41 views

CVE-2009-4374

Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to upload files into arbitrary directories via a .. (dot dot) in the id_document par...

7.5CVSS6.9AI score0.00153EPSS

CVE•added 2009/12/21 4:30 p.m.•34 views

CVE-2009-4372

AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary commands via shell metacharacters in the uniqueid parameter to (1) wcl.php, (2) storage_graphs.php, (3) storage_graphs2.php, (4) storage_gra...

7.5CVSS7.7AI score0.08824EPSS

CVE•added 2009/12/21 4:30 p.m.•32 views

CVE-2009-4375

SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter.

7.5CVSS8.4AI score0.00171EPSS